[IMP] auth_signup: define new model and methods for signup
bzr revid: rco@openerp.com-20120921104237-krjff0k8lvhric8c
This commit is contained in:
parent
7655344ec5
commit
7873305eb1
|
@ -32,10 +32,12 @@ class base_config_settings(osv.TransientModel):
|
|||
def get_default_auth_signup_template_user_id(self, cr, uid, fields, context=None):
|
||||
icp = self.pool.get('ir.config_parameter')
|
||||
return {
|
||||
'auth_signup_template_user_id': icp.get_param(cr, uid, 'auth_signup.template_user_id', 0) or False
|
||||
'auth_signup_uninvited': icp.get_param(cr, uid, 'auth_signup.allow_uninvited', False),
|
||||
'auth_signup_template_user_id': icp.get_param(cr, uid, 'auth_signup.template_user_id', False),
|
||||
}
|
||||
|
||||
def set_auth_signup_template_user_id(self, cr, uid, ids, context=None):
|
||||
config = self.browse(cr, uid, ids[0], context=context)
|
||||
icp = self.pool.get('ir.config_parameter')
|
||||
icp.set_param(cr, uid, 'auth_signup.allow_uninvited', config.auth_signup_uninvited)
|
||||
icp.set_param(cr, uid, 'auth_signup.template_user_id', config.auth_signup_template_user_id.id)
|
||||
|
|
|
@ -14,7 +14,9 @@
|
|||
</div>
|
||||
<div attrs="{'invisible':[('auth_signup_uninvited','=',False)]}">
|
||||
<label for="auth_signup_template_user_id"/>
|
||||
<field name="auth_signup_template_user_id" class="oe_inline" domain="['|',('active','=',0),('active','=',1)]"/>
|
||||
<field name="auth_signup_template_user_id" class="oe_inline"
|
||||
attrs="{'required': [('auth_signup_uninvited', '=', True)]}"
|
||||
domain="['|',('active','=',0),('active','=',1)]"/>
|
||||
</div>
|
||||
</xpath>
|
||||
</field>
|
||||
|
|
|
@ -1,6 +1,125 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
##############################################################################
|
||||
#
|
||||
# OpenERP, Open Source Management Solution
|
||||
# Copyright (C) 2012-today OpenERP SA (<http://www.openerp.com>)
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Affero General Public License as
|
||||
# published by the Free Software Foundation, either version 3 of the
|
||||
# License, or (at your option) any later version
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Affero General Public License for more details
|
||||
#
|
||||
# You should have received a copy of the GNU Affero General Public License
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||
#
|
||||
##############################################################################
|
||||
|
||||
import openerp
|
||||
from openerp.osv import osv
|
||||
from openerp.osv import osv, fields
|
||||
from openerp import SUPERUSER_ID
|
||||
from openerp.tools.misc import DEFAULT_SERVER_DATETIME_FORMAT
|
||||
|
||||
import time
|
||||
import random
|
||||
import urlparse
|
||||
|
||||
def random_token():
|
||||
# the token has an entropy of 120 bits (6 bits/char * 20 chars)
|
||||
chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
|
||||
return ''.join(random.choice(chars) for i in xrange(20))
|
||||
|
||||
def now():
|
||||
return time.strftime(DEFAULT_SERVER_DATETIME_FORMAT)
|
||||
|
||||
|
||||
class res_partner(osv.Model):
|
||||
_inherit = 'res.partner'
|
||||
_columns = {
|
||||
'signup_token': fields.char(size=24, string='Signup Ticket'),
|
||||
'signup_expiration': fields.datetime(string='Signup Expiration'),
|
||||
}
|
||||
|
||||
def signup_generate_token(self, cr, uid, partner_id, context=None):
|
||||
""" generate a new token for a partner, and return it
|
||||
:param partner_id: the partner id
|
||||
:param expiration: the expiration datetime of the token (string, optional)
|
||||
:return: the token (string)
|
||||
"""
|
||||
# generate a unique token
|
||||
token = random_token()
|
||||
while self.signup_retrieve_partner(cr, uid, token, context):
|
||||
token = random_token()
|
||||
self.write(cr, uid, [partner_id], {'signup_token': token, 'signup_expiration': expiration}, context=context)
|
||||
return token
|
||||
|
||||
def signup_retrieve_partner(self, cr, uid, token, raise_exception=False, context=None):
|
||||
""" find the partner corresponding to a token, and return its partner id or False """
|
||||
partner_ids = self.search(cr, uid, [('signup_token', '=', token)], context=context)
|
||||
return partner_ids and partner_ids[0] or False
|
||||
|
||||
def signup_get_url(self, cr, uid, partner_id, context):
|
||||
""" determine a url for the partner_id to sign up """
|
||||
base_url = self.pool.get('ir.config_parameter').get_param(cr, uid, 'web.base.url')
|
||||
token = self.browse(cr, uid, partner_id, context).signup_token
|
||||
if not token:
|
||||
token = self.signup_generate_token(cr, uid, partner_id, context=context)
|
||||
return urlparse.urljoin(base_url, '/login?db=%s#action=signup&token=%s' % (cr.dbname, token))
|
||||
|
||||
def signup(self, cr, values, token=None, context=None):
|
||||
""" signup a user, to either:
|
||||
- create a new user (no token), or
|
||||
- create a user for a partner (with token, but no user for partner), or
|
||||
- change the password of a user (with token, and existing user).
|
||||
:param values: a dictionary with field values
|
||||
:param token: signup token (optional)
|
||||
:return: the uid of the signed up user
|
||||
"""
|
||||
# signup the user, then log in (for setting properly the login_date)
|
||||
assert values.get('login') and values.get('password')
|
||||
uid = self._signup_user(cr, values, token, context)
|
||||
return self.login(cr.dbname, values['login'], values['password'])
|
||||
|
||||
def _signup_user(self, cr, values, token=None, context=None):
|
||||
ir_config_parameter = self.pool.get('ir.config_parameter')
|
||||
values.update({'signup_token': False, 'signup_expiration': False})
|
||||
|
||||
if token:
|
||||
# signup with a token: find the corresponding partner id
|
||||
partner_id = self.signup_retrieve_partner(cr, SUPERUSER_ID, token, context=None)
|
||||
if not partner_id:
|
||||
raise Exception('Signup token is not valid')
|
||||
partner = self.browse(cr, SUPERUSER_ID, partner_id, context)
|
||||
if partner.signup_expiration and partner.signup_expiration < now():
|
||||
raise Exception('Signup token is no longer valid')
|
||||
assert values['login'] == partner.email
|
||||
|
||||
# if user exists, modify its password
|
||||
if partner.user_ids:
|
||||
user = partner.user_ids[0]
|
||||
user.write(values)
|
||||
return user.id
|
||||
|
||||
# user does not exist: connect the new user to the partner
|
||||
values.update({'name': partner.name, 'partner_id': partner.id})
|
||||
|
||||
else:
|
||||
# check whether uninvited users may sign up
|
||||
if not ir_config_parameter.get_param(cr, SUPERUSER_ID, 'auth_signup.allow_uninvited', False):
|
||||
raise Exception('Signup is not allowed for uninvited users')
|
||||
|
||||
# create a new user
|
||||
assert values.get('name')
|
||||
values['email'] = values['login']
|
||||
template_user_id = ir_config_parameter.get_param(cr, SUPERUSER_ID, 'auth_signup.template_user_id')
|
||||
assert template_user_id, 'Signup: missing template user'
|
||||
return self.pool.get('res.users').copy(cr, SUPERUSER_ID, template_user_id, data, context=context)
|
||||
|
||||
|
||||
|
||||
class res_users(osv.Model):
|
||||
_inherit = 'res.users'
|
||||
|
|
Loading…
Reference in New Issue